Japanese Publication for Unexamined Patent Application 
No. 69571/2000 (Tokukai 2000-69571) 

A. Relevance of the Above- identif ied Document 

This document has relevance to claims 1 and 16 of 
the present application. 

B. Translation of the Relevant Passages of the Document 

[CLAIMS] 
[CLAIM 1] 

A process for remote and secure payment 
comprising the step of . . . ; 

making sure that the buyer is a subscriber 
correctly registered. . . 

[CLAIM 3] 

The process according to claim 2,... comprising 
the steps of ... ; 

generating a subscriber's electronic signature 
with. an individual authentication algorithm... 

[CLAIM 6] 

The process according to claim 4, wherein said 
authentication of the buyer and purchase confirmation 
comprises the step of : 

inputting a secret payment code into the mobile 
radiotelephone by the buyer... 
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(54) nne«« ^ft^^*abT»xufciSfiRtf/xtta^^-tx©ifi^^v^^»^»cff5^ 

(57) [S*|] 

nun »»»««e*ttfflLT»Abfc*aft^/ 

[/Rft^ai ss-fe>*- (6) xtf/xtt^ta^-tJ- 

-A* (4) RtX/Xtt3>hn-;i"-fe>^-fCJ:oT 
HX# (2) **!MTa (6 2) X?<y7«€rtN »A 
# (2) (7) *»6»AbfcaftRtf/X»« 

(1) 0«ffil,T££«*Kfr3#ft*1*«£ 
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[«r«F«*Ottffl] 

[Ml] i^f (2) W»f (7) *5IAL 

ttEKA##<&n*&«B (1) Oftflil/TStI 
HKfr WSfiboT, IIT, ttESttftttftBtf* 

W±>2- (6) K±oTWSSftTtrt.&*Ba«*y 

h"7-? (5) IC7^-fe^-r*C:i:*«T?*. 

A* (4) 7Ji$S«il«* -.y h«7-* (5) CflSttSftT* 

MEVH*>* — (6) Rtf/XttlfoE^&WJ— -A 
(4) Rtf/xiJ3>hn-^ • -t>^— Ki«koT«re 

mxm (2) siasij-rsx-r-y^ (6 2) t;$^t, 
mx^tm^.mmmm^y hv-v (5) ©jmas'j.x 

MMttpiJ WEWA^SUXx-y^ (6 2) 

iZWfe<DlJQ\mm<l I F (IMSI;23a;50) *, fUBWS-fe 
(6) fttf/XttHMBS&WJ— A* (4) &rj/ 

^giJ7.x>y^ (6 2 a) 

#HJPI¥*. WE«a-fc>^- (6) Rtf/XfiJttfiE^ 
k^vy— a* (4) xtf/xtt«risn>i-n— ;i/ • -t>^ 
-^4T#-5 < k'5('-r^JnA#^fjE7.x-y7 p (6 2 
b) £SWfc^T£*d<fc*4#«£-r*. MMOHlK 

K«©^&\ 

C»*3S3] \WIEaA#^iE7.7 i y7 p (6 2 b) tfi. 
«E«a-fe > * tf/ X ttWIEX^ ^ it- / \*& tf/X 

tiffin >Hn-;i>v1r (5 1a) SnftiH 

kmmmnm < 1 ) ©«s$i« 

(2 3) K»gn gflABlE7;Hf' J XA (2 3 b) R 
tf/XtefflA^IE*- (2 3 c) l*rESL&£& 
ffllT, JjIlA#©«^S£ (5 1b) S^rifTS^T-y 

»ft««t«fitf. ifiEiinA*©*^***. iME*s-fe 

>*-Stf/Xtt«lfija^-3-^Stf/Xtt*(lB3 > 

Btrfaea-k >*-fttf/xttiWKtfc^tf— /m&/x 

ZZrv 2>Z\ ££&&£?%, if* 

JB 2 KE*©#ft. 
[ff*3«4] tfffa < BS-b>^— (6) Rtf/XteffjE 
a* (4) a^/Xtt«rE3>hn— ;u--fe> 

*—t)mmmxm (2) *bku ^icto-nastA 
# (2) K:«fc*ieft©*A&tf/xtt-!f--t;x*aw-« 

9Wg£|gIE-f ^X^-v?" (6 3) SMCfftr:: 

£-f 1 a»S 3 ©HT*U&»© 1 :3fc:E«©*tt. 



[W*H5] S9f£»A#i:BBAft^(7)MttE7.x-yy 
A*©* 1 ?** * « Xf7^ 

»n«itt«e^. meba*©^***, «rE«a-t 
>^-fttf/xttwe3£a^*- ysa^/xuMen > 

hP-;U • -t>^—vjH-5Xx^7 P (2 9 a) <t, 
WIE*a-t>^-R^/Xtt«HE3tav»-!J— A (4) R 
tf/Xttitie3>hn-;w • -fc >*-jo«i»E*A#©* 
fS**l^4L (4 2) . uClAfffltff**siA 
#R^ftl&#KJ:0ttffiTf**«fc-3K16»*ns (4 

3. 4 4) Xf-vT'i^tfCt^ait^. 

4 tCfEi&©^*£„ 

Ctt*«6] iWE*A#£*Aftj£©BlE;*T-v:/ 

A*. 

*a#*«. fewimmms (i) cwiitJW5nfc*-/t 

?F (2 4) iftffllT, IMB^fi>^3- K&»lMg tt 
*B (1) ^fS^ry^fc , 

>^Rtf/xttme3!E&t»i*--/xaix/xtt«rE3 > 
«re«inr>^-atf/xtt»e^a^»ij— a (4) & 

/XttWEn > h d-;u • -fc >*-a«ttE»*£&^ 
^ - h* * ft *"t -5 X r- y ■/ 1 £ * tr C £ * 4$ Wl £ ? Z> , 
S*«4{rfB«©^fc 

[s»#JS7] BtfiSBtA#i:»A^©©iEXx-yy 
*». 

*A##. (1) tCWa^*ttS>*i£*-A 

•;F (24) SffiffiLT, 

«B (1) \ZAJ]?2>Zy L v7* J ?>ffiZ ; rvZf£l,T<£ 
r^Ai. t«e»»*lil«BfcE*S*i;fcA*j7;P=fU 

tt 7 ©ir»rn*»k:E«©*ft. 

Cffi*JS9] WE««3t&v»3-K**A^Sn*IWE 
Xf7^'. i©BW©fc»Ctl#lcSnSHDMLXtt 
h©d>^< it) lt3©^^>D— H • ^ 

tt7©^-Tft36WcE«©*iS. 

c«**io] KA^wm^^^jasn-snrEx 

&mmMnu <d ©«s«« (23) 

Ht+a'Jf^ (2 3 d) fttf/XteS 

^•b+a'Jr^*- (2 3e) *ttflt47f7^ 

It 5 1 K 4 x- ^ » rjt/X \tm A# C Hf -S 5 s - ^ *> 

-raises. x«7*^e. 9©^-rn^i-3fcE*©^ 

5&o 
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$3 i o cE*«#ft. 

[tt*JS 1 2 ] N^AIMB ( 1 ) #iDA#8fcS'J 
(2 3) i^il-rSS* (2 0) ££A,T:fc 

ME3fcftV» • -fe+a U • *-*tfflE«*©««»* 
KE*SnTl>*;:i£4$«fcT«. IMiSlOXttl 

i ©fern^tcE*©^. 

cai** i 3 1 ffim®wimmnm ( i ) jwdaswm 

tya-il. (2 3) tUtmtiHtti (2 0) £#A,T*:fc 
0, BufB^^-tr+aUx-C -TJUVXA (2 3 d) 
Rtf/XttfflE£ftH • t+a'Jf-f • (2 3 e) 

*C OXttl lO^Tn^lC 

1 4 ] &®mmnm ( 1 ) ©£««*£ < 2 

3) fC-g-Sn-5ffi^sS»j3-K (PIN3-K) <h. K 
A#lC<fcoT*-Ay S' (2 4) *ffifflLT^i)*^m 

Xf7^ (6 1) *MK:£tr;ii*«*«£-r*, »** 

lfr£>l 3«^1*n^l^(*f5«©*teo 

1 5 ] ffrE&fiffi&sis ( 1 ) trnx^mi 

tfa-* (2 3) -hffilU-rS** (2 0) *£A/T$3 
K:E«©:£fe. 

[m$3 1 6 ] mr>«a»a*T»* <r t 

fr?;fc#. BIALfcRtf/Xttgttfc-tf- KX©£ftH 

©■ax-^]*»»#fl:sft (2 9i) , &mmmnmt 
m©#£. 

at»©Hlf-?Ox4ttSttSt*Xf7^ (2 9 

2) £M(c£tr 1-3, a^ai^e.16© 
m*m 1 s ] MB»A#a*. 

Huf2M^jSft^-> N7-2©n— iftbT©miE^A# 
IC(1#©SPA^^»J? ( I MS I ; 2 3 a ; 5 0) KM 

atjttsftfcm^w^nw^ (7 n t, 

£&<^g: (73. 73a, 73b, 73c) £. 
ilfiEBiA^KK-rsttfS (7 4) Rtf/Xttj»E»A# 

©□tftfc^ufcsm^if* (70) cua-^te 



■IA**«*a*K:WBija*l (6 2) . »&CJ:T?TttB 

USttS (6 3) ST, ME£ft<^& (7 3) ©<£ffl 

^i*n*u^icEiS©*s. 
mwxi 9] me^w* (7 0) a». rnmmxg 

#»oTH-Sf&$£ftV>:3-h* (7 2) ^Mlr^tfdi: 

[ir&g 2 o ] mK»um*wG ( 1 ) tfitnttmm 

(2 3) ttSSrfSSi* (2 0) 

ttE*F8f* (7 0) 
ME** (2 0) t. 

WEJOA^SU^va-^ (2 3) t. 
(IttESa^-S— A* (4) t, 
IWE*S-fe>*- (6) t. 

SfifBn>hP-;U • -t:>^-tA^fies^;^-7 p ^I||-r 
9©H-ftl*^CE«©*}£. 
1] BA# (2) ftHKtt* (7) *»6»A 

ufciSfistf/xfaaw-fcu— tf^©a»san*. m 

E»A# (2) KttffiStt&fMMiftttB (1) 

(6) KioTSgStl-SSigtilfi*';/ hV-f (5) 
^©7*-fcX*a#U £ftt>vtj— A* (4) tflttEft* 

»*fli*»e>2 o©^-rn^i^icE«©^*na-r 

[ff$*2 2] »A# (2) WMfrt (7) *>6»A 

btm&Rtf/xteg.wz-v— t*x©sMi£&n*. m 

EBIA^ (2) CffifflSftS&ttftflMtE (1) ££J3 

SIS (1) T&oT, CWgHd^ftK^a-fe^^- 
(6) KJ:oTflF8Sn**HKHt*y h7-£ (5) 
^©J^-teX^lKKU $a^t>— A* (4) OTttEfflt 

ai»*ffiiA»e2 o©v»-f*i*nt?tE«©*ffi*sis 

*Cff5fc»©»»»l»«IS. 
[«M©#»ftRM] 

[0 0 0 1] 

c^?q©jg-r§gji^^] *^^t±. 

fflLT»ALfcffiS,RlX/X«SJtfclJ— fc'X©Sfii£ 

*s-r«fc»©->^7 i Aa^iiss«KcB8-r5. * 

tf, j»*©***-r**i»«Bi:JH]A#SS»J ; &^a-;i' 
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[0 0 0 2] 

xf->3>j t fen? tin*) \twi2<D5"c7\zmL, 

■?n r^»j«g§j S.rjC rs IM (Subscribe Identifica 
tion ModuleiiPA^B'J^^a.-;!/) J £P?tf*l-5. S 

©BUS^Ev'a.— ;HjnA#»8'J : P (International Module 
s Subscriber Identity: I MS I ) . PAI&1E+— (K 
i tmtti&) , RtfflABtETJl^'JXA (A3/A 

[0003] fttirom^at^ffixtfS'XT-A**, ft 

Kffi3R3ftT»^S. 199 1f 10fl9HC58ffSft& 
*C«*«F4i«aiE P 4 5 1 0 5 7 B 1 X&^U— 

*. Mfc. 1 9 9 6^1 0/1 1 7 HKafrStlfcHIM* 
Wa«JBW0 9 6/3 2 7 0 H»tt. £&^-»J— A*<Z)& 

BR**— A* •Xf-J'a ^ZflttSX-y-- ->a >&tf3£ 
tE^-S— A • ->a >a*gegg£*l75:. r-f > 

hJ *v h^-iKOJ: "5 • 3>Ka. 

— ^ • f >3> • ^-7 h 7 — ^ 3 

ITt-t'XCioT, SK*#K c fcoTtl#;£tt£i8!.S 

[0004] ^^oBWtt. ®mm&'mm*it?zw. 

(closed type) ©Straff* >y h ^—^ 
T*Sn*t>04:»3feStlTV»4. * n-X K • *-f :/ 

<, GSMffyni?- GSM9 0 

0, DCS 1 8 0 0, UE) \Z%s-3<*v hV — ZZM 

[0 0 0 5] j?n-XHftilHfl**y h7-ftt. 91 

S. SfoT. *n-XFfc*5*a«*y h?- 

*. #J*.fc£, r-f M ©J: -5 • * 

7^7-^11 fcL-^idM^miS^HDML (Handset 
Device Markup Language) XteWML (Wi relessMarkup 
Language) X\tmC^< ^&rjt/xtt±l5 2 ^<7)a§S 



[0 0 0 6] ^D-X^&iligiaff*-;/ ^ r 7--^7^4:*- 
:/> • 3 >tfi-^ • fk35aZ^->3 >'^7h 

O 9 6/3 2 7 0 l-t£*3^Tjft!8£ftS#ifei£te. * 
[0 0 0 7] 

ja<ose±ttft»«bft*»s. ■iA#K«toTa:sn«fp 

[0 0 0 8] 

b»A#rt*BIALfcKo D n&tf/:mgttfc+r-h'X©jg 

g£tl3*tig§UIf§*-y h7-*C7^t7t4Ci!jn! 

/tRtf/Xtt3>hn-;u • -fe>*-t::<fco 
T. BA##fffltB£*ara*y £^0taA#'J;* 
hCEL<a«kSnfcHPA#Tf*-5Ci:tfltSf SCfc 

a» e $tj& $ ns ffitEM a# zmm? z 7. ^ v rs-a^T 
tea. 

[0 0 0 9] *LT. iOBA^^JX^y^OillJbl)' 
7-^©*iE*/ >A— ^JA^tJ— n\Z 

s«, Mnamowt (^<7)«s-t>^-cDaffl(c« 
tt^*-r?>#) is, *fT (^tA^*- /tfiDafflKfttt* 

\ZttVT. ^m^yU-AU-^fD^-C 
tt, r^«ffffi$n^H# (semi-trusted third par 
ty) J Z.<nm%. ^SfT«»A#Sr* 

MtC^SEL« Si^a^frotl«#tt^lljMiS«K*^fi#i- 
4A«©l»8'JK«tt**-r*. 
[0 0 10] iKfecDBtA#I£SiJ7.x-y7te, ^ng^ 
«», fJte i irS-fe>^-S^/XttMfe^JAV^-A*&rjc 

•y h^-^O^ffl^tLTOmltBBSA^fCilfl-roJbnA^ 
*9J^**ttlSl-S^t*«T?#«J:-5C-r*ilPA#lim 
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£ £ Jp A#BM A x 7 7 <h £ J® * I^A/T & £ Z t ifi 
[0 0 11] cco£^:, *J89itt, £ffla)!»AS»SJ 
GSM*-f7) <OiniA#WU »**S&lhl/» 

[0 0 12] ffiBiraA#BK*T-y7tt. «[ESa-t> 
D-;i/--fe>^-A<S9E»»SI««iSI-a* (^>^A 

«Bj&«* luf2iPA#^«?S«^mffB®Sir>^-S:^ 
/Xtt«E$a^1t-Aa^/XttMlE3 > h D-Jl/ • 
t^-^affTSXx^i, fl(IE««-fe>*--fttf 
/Xtt«E$ft^lJ— ARtf /XttffiEn y V n-)\, • 

-tv^-^WEJiDA^oa^s^sfts-rs^xy^t 

[0 0 13] C^ck-SlCbT, GSMWPH«fcD»£S 
ftfcUDA#BiE^«*«, iAf»JWf*;^Bi:«ffl 
StlS. J)nA#B!I^Ji#^ft£*l 
^Tt>BA*BiE¥)itfirasnTtt&6a:^C4:Tr» 
§o ffjE^SfcL tra*«*>*-fttf/XttffiE3[ 
Jt^U— ;tatf/XttWE3 > h n-;u • -fc 
ME»A#*!:BA#t:±*i«fl«)BARtf/Xtt1J-"-lf 

Asaw-sftjesBiET* ^s^tr^. tt*z z\z 

[0 0 14] C^ct-plC, ilOlBASBKAf^:^!* 

□ S£0PflTJtffi0)$MHi (compensation movements) £ 

[0 0 15] *«WTtt, WEBA#t»A*«BK^ 
f-^U, *ngfr^ #»S»«B*<. BfA^OS^ 

SflVF**^ MEff«-fe>*-Ktf/XttffiE£& 
^■S— A # a^/XttJiJE3>hn-^ • -tr>^-^SIf 
«Xf-;^ ffiE*S*>*-Rtf/Xtt*IE$& 



EB§A#<Z)m?W££&£bT, MESIAL*?** 
#»A#fttf ««#*:: £ 9 £ffiX# £ J; ? ft* 

[0 0 16] WEBA#t»A»SBSEX7 L y7 r tt, * 

£®fflLT, »»5&irO-K*»ft«»*»^A*-r 
SXf^t, »ft*»MtB«<, «&ES!B$I£^3-F 

*, irEffai:>^-s^/x«fi8E$a^-y---A»tf 
/xttfflfEn>hn-^ • -b>^-^s^aiine2it" 

If-Afttf/Xtefi&En >K u-)V- H>*-tfi* mil 

[0017] &?T> commmmizftMS. m%zm 

STCD£ire&6C ( h^T££ 0 83E»A#£l*Aft£ 

am«BfC#JRO*-Ay FKJ;oT#1!i««»B'yA 

•BEBA^om^S^JiWEIRiBX&vo- F<DB*i 

BA#3»«BIESn*-fe*a ! Jr>r t«JtS*«. 
[0 0 18] - H^AM^ :^)Xf7 ^ 

COXf-y^ttttE»»«IIB«BtcE*Sn& 

A*7^=fUXZ> k *«fflUT*ffSn*. tfcoT, 

SB 1 <o««MTtt* »»«i««KttA*7;V^UXA* 

[00 1 9] »2©*«B*7ftt, :<DXf^BHD 
tt, ^«B«A*7;i/=f , JXAfflO*^^fSE^ 

BAtfom^Jf^^jsJEsn^iiExf-y 

»ftj*IB«B©«««*^S*X*Sft^-ll=1ra 

• *-*ffl^x, ttgitiiaufcx-^&tf/xttBA 

[0 0 2 0] ^A#0«^W«B, K^UlHST^x- 
BA#S^»A*Scoa**BSE-r*c:i:^a« 
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#su »j * 5? a - ;u o s c e* * n * c 1 1 
[0021] msttmtmizywx'rvzf&'Stszttf 

ffJLK ip-6. fcL&Mffi«ttB©&g«*l£$£ft 

afBfcHJMn-Kfc, BA#K»Sft.§.'3BA#KJ:-3 

**i**am©£«#K:j:-3-cii«afta. 

&©te. 0iJAtf. iWA*BJM*S>:i-Jl'#i*3|5K:jf AS 
ftSflEK:. Xtt*5tt**X-f yfSXftSftSKC. ISA 
^S'J#^ (XttP I N3-H) **ftIA*KJ:-3TA*S 

[0 0 2 2] fmft*ftttB©mEftSflMft©4>ft< <ht> 

<7;P=fyXA&tf«ABIiE*-, £&<^ 
7;U^'JXA. Rrf-fe+iUr-w £JnA# 
R8U * v a - ;KO * KfSJg W C £ O £ U ^ . 
fllJE^ffite, SCiA«»IMllCfi5&*l6^tS«IET4 

* - £ OIBTjait •£> X 5=- y 7«£tr C b 

[0023] H&E#&te. Hfctf*##5 s -***3E-r 

-Rtf/XttX&i^U— A&tf/Xtt3 > b n-;p • ir 
> * - £ ©IWCXft 3 ft £ iSftfttf/Xtt-tf— f 7.m A 
©^S&^BBf*-* ©35^tt*«SET -5 y 7*^tt 

Wia»A#«. IDtEittIff^9 K7-i?oa-!ftl/ 
T© »KBIA#K:»SB L AcJjP A^BM^ KBBtft* 6 ft 

mFsH8»A#on^fcM-r^t»a<h. £^A,T?ft£m?Ht 

* (electronic wallet) fCHa^j-^ft. ffiE3£&H 
^Stt. ttKBflCBAfttf/Xtt-*- 

»A#**J5R?*K»cSI*JSft*T?, 
^lC«koTtt*BSft**-C«[ffl*«flFnISftftV». 
[0 0 2 4] (<b L&Kfc 6 tf) WA^cDSISiJSrjggSE 
tt. ClOBASom^ftrflfOBg'JXtfBSE (*>L3SfflBj 
teTfefttf) iLTfcl4CWtt5 ( 1A 



©m^ar^KWii^teft**^. &a©jjda# (t£ 
©«iWi£&ffl-r£«£ (WAtf. 

, lA©rJDA# (a^»*T*lniA#KJBiJ* 
ya-JH **»^A»flDfB : FB*CW5i^tt6ft*»^& 

£ © Ir >< t3 © U 4 . 

[0 0 2 5] ttftsBS'J^ (wallet identifier) tiJPA 
#^S'J^ (subscriber identifier) ©fyj©ftBllfl&© 
GbDA#;M»A#T?fcS) , BIA# (jtaA^tL 
T) ©BByt£. ^WBASWB^BH&WflrfKroBffl*-* 
Z.ZZ\t\Z&.M2tltz\<\ HfffScom 3 ©*£, 7JPA#© 
B'FflMi© 1 Wa.tff^tf-^hlC.fcoTaKSft 

*j&»SaWT*Brt*4*SftTJ:^;iiK:&jSSftfc 
^. B8U&, *-bT«£K«fcoTttBK«K:, »A#« 

■e<o« : fW*tc^*ft«xai'»¥a*fiEffl-r*ct3&*-e 

[0 0 2 6] ffiE*?it* ! bffflEBA#K:»5ftfc»* 
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1. Title of Invention 

PRHCESS FOR MAKING REMOTE PAYMENTS FOR THE PURCHASE OF 

nnnra antvor a service through a mobiu; r AOfcrrEr fphonf. 

ANTI THE CORRESPONDING SYSTEM AND MOBTIJ5 RADIQTET EPHONF 

2. Claims 

1. Process for remote and secure payment for goods and/or a service 
purchased by a buyer (2) from a supplier (7), making use of a mobile 
radiotelephone (1) used by the said buyer, the said mobile radiotelephone enabling 
access to a radio communications network (5) managed by a management center 
(6), a payment server (4) being connected to the said radio communications 
network (5), 

characterized in that the said process includes the following step: 

- identification (62) of the said buyer (2) by the said management center 
(6) and/or the said payment server (4) and/or a control center, the said 
buyer identification consisting of making sure that the buyer is a 
subscriber correctly registered on a list of subscribers to the said radio 
communications network (5). 

2. Process according to claim 1, characterized in that the said buyer 
identification step (62) itself includes the following steps in sequence: 

- subscriber identification (62a), enabling the said management center (6) 
and/or the said payment server (4) and/or the said control center to 
receive a subscriber identifier (IMSI; 23a; 50) specific to the said buyer, 
as a user of the said radio communications network; 

- subscriber authentication (62b), enabling the said management center (6) 
and/or the said payment server (4) and/or the said control center to check 
the said subscriber identifier that was sent to it (them) during the said 
subscriber identification step (62a). 

3. Process according to claim 2, characterized in that the said subscriber 
authentication step (62b) itself comprises the following steps: 

- the said management center and/or the said payment server and/or the 
said control center supplies a random number (51a) to the said mobile 
radiotelephone; 

- the said mobile radiotelephone generates a subscriber's electronic 
signature (51b): 

* with an individual authentication algorithm (23b) and/or an individual 
authentication key (23c) contained in protected areas (23) of the 
mobile radiotelephone (1), and 

* using the said random number, 
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- the mobile radiotelephone transmits the said subscriber's electronic 
signature to the said management center and/or to the said payment 
server and/or to the said control center; 

• the said management center and/or the said payment server and/or the 
said control center checks the said subscriber^ electronic signature. 

4v Process according to any one of ciaiara ] to 3, characterized hi that the 
said process also includes the following step: 

■ Ac said management center (6) and/or the said payment server (4) and/or 
the said control center authenticates (61) the said buyer (2), and possibly 
a decision to purchase the goods and/or service purchased by the buyer 

5. Process according to claim 4, characterized in that the said buyer 
amhentication step, and possibly the purchase decision, itsdf comprises the 
following steps: 

• the mobile racUoteJephooe generates a buyer/a electronic signature; 

• the mobile radiotelephone sends (29a) the said buyer's electronic 
signature to the said management center and/or the said payment server 
and/or the said control center; 

• the said management center and/or the said payment server (4) and/or the 
said control canter checks (42) the said buyer's electronic signature, the 
said buyer's electronic signature betmj kept (43, 44) available for use by 
the buyer and the supplier. 

6. Process according to claim 4* characterized in that the said buyer 
authentication step, and possibly the purchase decision step, itself comprises the 
following steps: 

- the buyer may input a confidential payment code into the mobile 
radiotelephone (1). using a keypad (24) associated with the mobile 
radiotelephone (1); 

- the mobile radiotelephone sends a secure transmission of the said 
confidential payment code to me $aid management center and/or the said 
payment server and/or the said control center, 

~ the said management center and/cr the said payment server (4) annVor the 
said control center checks the said confidential payment code, 

7. Process according to claim 5, characterised in that the said buyer 
authentication step, and possibly the purchase decision, also comprises the 
following preliminary step: 
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- the buyer inputs a confidential payment code into the mobile 
radiotelephone (1) using a keypad (24) associated with the mobile 
radiotelephone (ly. 

& Process according to either of claims 6 and 7 characterized ia that (tie 
said step ia which the said confidential paymept code is input* is made using an 
input algorithm stored in the said mobile radiotelephone. 

9. Process according to either of claims 6 and 7 characterized in that the 
said step in which the said confidential payment code ia input, is made uiiag at 
least one downloaded page in the HDML or an equivalent format provided for this 
purpose. 

10. Process according to any one of claims S and 7 to 9, ciumctenwt In that 
the said step in which the buyer's electronic signature is generated Is carried out: 

- using a payment security algorithm (23d) and/or a payment security key 
(23e) contained in the protected areas (23) of the mobile radiotelephone 
(I), and 

• stalling from data about the transaction and/or data about the buyer, 
IL Process according to claim Id, characterized in chat at least some of 
the said data related to the transaction include a variability, 

12. Process according to either of claims 10 and II. the said mobile 
radiotelephone (Z) comprising a terminal (20) cooperating with a subscriber 
identification, module (23), characterized in that the said payment security 
algorithm anoVor the said payment security key is (are) stored in protected areas of 
the said terminal 

13. Process according to either of claims 10 and IK the said mobile 
radiotelephone (I) comprising a terminal (20) cooperating with a subscriber 
identification module (23), characterized in that the said payment security 
algorithm (23d) and/or the said payment security key (23e) is (are) arored in 
protected areas of the said subscriber Jdemfficarion module. 

14 Process according to any one of claims I to 13, characterized In that ti 
also comprises the following step: 

~ the mobile radiotelephone ( I) ia unlocked (61) if a comparison between a 
confidential identification code (PIN code) contained in protected areas 
(23) of the mobile radiotelephone (1), and a secret key known to the 
buyer and input by the buyer into the mobile radiotelephone using a 
keypad (24\ Is positive. 
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15. Process according to any one of daims 3, 10 and 12, the said mobile 
radjotetephooe (1) comprising & terminal (20) cooperating with a subscriber 
identification module (23), characterized in that at least one seme of tbe said 
protected areas of the mobile radiotelephone (1) are included in the said 
subscriber Identification module. 

16. Process accenting to any one of claims 1 to 15* characterized in (bat It 
also comprises tbe following step: 

* daU related to paymeDt for tbe purchase of goods and/or tht service are 
encrypted (291), exchanged between tbe mobile radiotelephone and tbe 
management center and/or the payment server and/or the control center, 
to ensure that the purchase is confidential. 

17. Process according to any one of claims t to 16, characterized in that It 
also comprises the following step: 

< a check (292) of tbe integrity of data relalcd to payment fox the purchase 
of good* and/or the service exchanged between tbe mobile 
radiotelephone and the management center and/or the payment server 
and7or the control center, so thar a defmuder is unable to modify the said 
data. 

I & Process according to any one of claims I to 17, characterized in that 
the said buyer is associated with an electronic wallet (70) comprising: 

- a wallet identifier (71) associated with » subscriber identifier (1MSI; 23*; 
50) specific to the said buyer, as a user of the said radio communications 
network; 

- mean* of payment (73, 73a, 73b, 73c); 

- wfocmafcon (74) about (he said buyer and/or the accounts) of tbe said 
buyer, 

use of the said means of payment (73). particularly when buying goods and/or a 
service not being authorized until the buyer has been successfully identified (62), 
and possibly authenticated (63). 

19. Process according to claim 18, characterized in that the said electronic 
wallet (70) also comprises: 

• a confidential payment code (72) known to the said buyer. 

20. Process according to either of claims 18 and 19, the said mobile 
radiotelephone ( I) comprising a terminal (20) cooperating with a subscriber 
idemiHcaUon module (23), characterized m thai tbe said electronic wallet (70) is 
stored in one of the elements belonging to the group consisting of: 
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- the said terminal {20X 

- the said subscriber tderitjffcaiioa module (23), 

- the said pmyneni. server <4), 

- the said management center (6), 

- the said control center, 

21. System for remote payment of goods and/or a service purchased fry a 
toy** (2) from a Supplier <7), in a secure manner using a mobile radiotelephone 
(1) used by the said buyer (l\ the said mobile radiotelephone p/ovjding access to 
a radio communications network (5) managed by a management center (6). a 
payment server (4) being connected to the said radi o communications network, 
characterized in thai the said system comprises means of implementing Hie 
process according bo aoy die of dairns 1 to 20. 

22. Mobile radiotelephone (1) used by a buyer for remote payment of 
goods and/or a service purchased by a buyer (2) from a supplier (7>, in a secure 
manner using a mobile radiotelephone (1) used by the said buyer (2). the said 
mobile radiotelephone providing access to a radio communication! network (5) 
managed by a management center a payment server (4) being connected to the 
said radio communications network. 

characterized in that the said radiotelephone comprises means of implementing 
the process according to any one of claims 1 to 2D, 
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Thit invention relates to a process for making remote payments for die 
purchase of goods and/or a service using a mobile radiotelephone. The invention 
also relates Co a system and a mobile radiotelephone for embodiment of this 
process. 

It is applicable to alt types of mobile radiotelephone*, in other words 
radiotelephones with a term i rial only, and also mobile radiotelephones with a 
terminal that cooperates with a subscriber Identification module. 

m me GSM standard, the mobile radiotelephone (also called "mobile 
station") is of (he second type, and the terminal and the subscriber ideotiflcalioa 
module esed in it are called the "mobile equipment" and "SIM (Subscriber 
ideality Module)" card respectively. Note that a SIM card U in the form of a 
microprocessor card that is slid into the mobile radiotelephone. Ic contains all 
Individual reformation specific to the subscriber, and particularly the subscriber** 
International Module Subscriber Identity (IMS1), an individual authentication key 
(called Ki)* and an individual authentication algorithm (called 

Various electronic payment processes and systems have already been 
proposed* 

Patent EP 451 057 Bl. published on October 9 ]$9l describes a process and 
a system making use of a payment server. The solution recommended io mis 
patent Involves ibe use of a card that sends a voice identification signal. This 
signal is received by the telephone microphone and i* then transmitted do the 
payment server. 
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Patent application WO 96/32701 published on October 17 1996 ^so 
describes an electronic payment process making use of a payment serve?. It can 
be used to make transactions related to the purchase of goods offered by 
merchants by means of fT services through an open computer telecommunications 
network, for example the ^Internet** network, to which merchant server stations 
and customer stations and a payment server station, are connected* 

For the purposes of this invention, it is assumed that remote payment for 
goods or services through a mobile radiotelephone Is made through a closed type 
of radio communications network. A closed radio communications network refers 
particularly, but not exclusively, to networks based on the GSM tech oology (for 
example GSM 900, DCS 1800, etc.). 

Note that a closed radio communications network may obviously by 
connected to one (or several) open network^) through platform* or gateways. 
Thus, a user of the closed radio cooirnnnicaiioos network can use his mobile 
radiotelephone to access an open network. For example, (be "Internet" open 
network can be accessed using a mobile radiotelephone from a GSM network, if 
the mobile radiotelephone has the means (such as a navigator or browser) of using 
a protocol based on a specific language such as the HDML (Handset Device 
Markup Language) or WML (Wireless Markup Language) or any other language 
of the same type and/or derived from one of the two above mentioned languages. 

Due to the fact that a closed radio communication network does not enter 
into the category of open computer telecommunications networks, the solution 
recommended by application WO 9673270] cannot be applied to the problem that 
arises with die invention (specifically remote payment for goods or services using 
a mobile radiotelephone). 

The purpose of this invention is precisely to provide a process for secure 
remote payment for goods and/or a service purchased from a supplier, making use 
of a mobile radiotelephones 

Another purpose of this invention is to supply this type of payment process 
to mi oi raize work done by the buyer, while offering optimum security. 

These various objectives* and others that will appear later, are achieved 
according to the invention by means of a process for remote and secure payment 
for goods and/or a service purchased by a buyer from a supplier, making use of a 
mobile radiotelephone used by the said buyer, the said mobile radiotelephone 
enabling access to a radio cocoununieadons network managed by a management 
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center, a payment server being connected to the said radio communications 
network, the said process comprising ine following step: 

- identification of the said buyer by the said management center andYor the 
said payment server and/or a control center, the said buyer identification 
consisting of making sure thai the buyer Is a subscriber correctiy 
registered on a list of the subscribers to the said radio communications 
network. 

Thus, at the end of dtls buyer identification step, the payment surer 
manager is assured that the buyer ia a bona fide member of the radio 
communications network to which the payment server is connected. 

Note that if the buyer is identified by me radio communications network 
management center, the radio communications operator (who is responsible for 
operation of this management center) becomes a "semi-trusted third party" 
towards the bank organization (which is retpoosibJe for operation of the payment 
server), within me framework of thb tartonm In this case the tank organization 
simply authenticates the buyer, the operator being responsible for the 
identification of the person in possesion of the mobile radiotelephone. 

Preferably, the said buyer identification step itself includes the following 
steps in sequence: 

- subscriber identification, cabling the said management center anoYor the 
said payment server and/or fee said control center to receive a subscriber 
identifier specific to the said buyer* as a user of the said radio 
communications network; 

- subscriber authentication, enabling the said management center and/or 
the said payment server and/or the said control center to check the said 
subscriber identifier (bat was sent to it (them) during the said subscriber 
identification step. 

Thus, during the first buyer identification step, advantage is taken of the fact 
mat the subscriber in a dosed radio comnwmicatioftfl network (for example of the 
GSM type) must be identified and authenticated by the operator responsible for 
the charging system, to prevent fraud and to ensure thai hilling is correct 
Therefore, (he security provided by the physical layers of a dosed network, for 
example of a GSM type, is astutely used Note that in an open network, for 
example such as Internet, security is applied at application level. 

Preferably, the said subscriber authentication step itself comprise* the 
following steps: 
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- the said management center and/or the said payment server and/or (he 
said control center supplies a random number xo the said mobile 
radiotelephone: 

~ the said mobile radiotelephone generates a subscribers electronic 
signature; 

* with ao individual authentication algorithm and/or an individual 
authentication key contained iq protected areas of the mobile 
radiotelephone, and 

* using the said random number; 

- the mobile radiotelephone transmits the said subscriber's electronic 
signature to the said management center and/or to the said payment 
server and/or to the said control center; 

- the said management center and/or the said payment server aod/or the 
said control center checks the said subscriber's etectronic signature. 

Thus the lubscriber authentication procedure specified in the GSM standard 
is used during die buyer identification step. It La important to note that the 
subscriber authentication procedure muse in no case be confused with the buyer 
authentication procedure. 

Preferably* the said process also comprises a step in which the said 
management center and/or ihe said pay mem server and/or the said control center 
authenticates the said buyer, and possibly a decision to buy the goods and/or 
service purchased by the buyer. 

Thus, at the end of this buyer authentication step, the payment server 
manager is assured that the buyer is authorised to pay for the purchased goods 
and/or services. Therefore, the payment server manager can authorize the 
payment, or mafce compensation movements between the buyer's account and the 
supplier's account. 

In one preferred embodiment of the invemion p the said buyer authentication 
step, and possibly the purchase decision, itself comprises the following steps: 

- the mobile radiotelephone gene rates a buyer'* electronic signature; 

- the mobile radiotelephone tans mils the said buyer's electronic signature 
to the said management center and/or the said payment server and/or the 
said control center. 

- the said management center and/or the said payment server and/or the 
said control center checks the said buyer's electronic signature, the said 
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buyer'* electronic signature being kept Available for use by the buyer and 
the supplier. 

According to one advantageous variant, the said buyer authentication stop, 
and possibly the purchase decision seep* itself comprises ihe following sups; 

• the buyer may input a confidential payment code into the mobile 
radiotelephone, tiling a keypad associated with the mobile 
radiotelephone; 

- the mobile radiotelephone sends a secure trans mission of Ihe said 
confidential payment code to the said management center and/or the said 
payment server aooYor the raid control center: 

• the said management center and/or the said payment server and/or the 
said control center checks the said confidential payment code. 

Thus, according to Qua varum, there U no need to calculate a signature. For 
example, a secure transmission could be a dansmissjori in an encrypted form. 

Advantageously, the said buyer authentication atep. and possibly the 
purchase decision, also comprises a step In which the buyer inputs a confidential 
payment code into the mobile radiotelephone by means of a keypad associated 
with the mobile radiotelephone; in particular, the said buyer' a electronic signature 
may be generated as a function of (he said confidential payment code. 

This optional step increases the securily with which the buyer is 
authenticated. 

Two advantageous embodiments of this step for inputting the confidential 
payment code may be considered. 

In a first variant this step is carried out using an input algorithm stored in 
the said mobile radiotelephone. Tiros in this first variant, the radiotelephone 
permanently stores the input algorithm (is the terminal and/or the subscriber 
identification module). Therefore, it requires a few modifications withio the 
radtatelepnon* (in the terminal and/oi the subscriber identification module). 

In the second variant, this step u carried out using at least one downloaded 
page in the HDML or an equivalent format provided for this purpose. Thus, in 
this second variant, the radiotelephone contains no permanent storage for any 
input algorithin. 

Preferably, the said step In which a buyer's electronic signature is generated 
is made with a payment security algorithm and/or a payment security key 
contained la protected areas of the motile radiotelephone, starting from data 
related to the transaction and/or data about the buyer. 
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Note that the buyers electronic signature authenticates either the buyer 
alone or the buyer and the buying decision, depending on whether or Dot i< mk** 
account of data related to the transaction. It can be used to arbitrate about 
disputes between the buyer and/or the supplier andVor the payment server, ft is 
essential if a dispute arises. 

Advantageously, at least some of the said data related to the transaction 
include variability. 

Advantageously, the said payment security algorithm and/or the said 
payment security key is (axe) stored in protected areas of the said terminal* 
According to one advantageous variant, data is scored in protected areas of toe 
said subscriber identification module. 

Advantageously, the said process also comprises the following step: the 
mobile radiotelephone is unlocked if a comparison between a confidential 
identification code contained in protected areas of the mobile radiotelephone, and 
a secret key known to the buyer and Input by the buyer into the mobile 
radiotelephone using a keypad* is positive. 

This "unlocking" (also called "initialization") of the mobile radiotelephone 
is an additional optional verification Known in itself, and offered by some 
operators, particularly in GSM type networks. Note that the Personal Identity 
Number {or PIN code) is input by the subscriber, for example each time that the 
subscriber identification module is insetted into* the terminal, or each time that the 
oirmina] is switched on. 

Preferably, at least some of the said protected areas of the mobile 
radiotelephone are contained in a subscriber identification module. 

For security reasons, in order to make the terminal as independent as 
possible from the user, it is preferable lo confine a maximum amount of personal 
and confidential information (algorithm and individual authentication key* 
payment algorithm and security key, etc,) in the subscriber Identification module. 

Advantageously* the said process also comprises a step in which data related 
to payment for the purchase of goods and/or the service are encrypted, exchanged 
between the mobile radiotelephone and the management center and/or the 
payment server and/or the control center, to ensure that the purchase is 
confidential* 

Advantageously* the said process also comprises a step to check the 
integrity of data related to payment for (be purchase of goods and/or the service 
exchanged between the mobile radiotelephone and die management center andfor 
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Che payment server and/or the control center* so that a defraud cr ia unable to 
modify the said data. 

fa a preferred embodiment of the invention, the said buyer is associated with 
an electronic wallet comprising: 

• a wallet identifier associated witb a subscriber identifier specific lo the 
said buyer, as a user of the said radio communications network; 

- means of payment; 

- information about Che said buyer and/or the accounts) of the said buyer, 
use of the said means, of payment, particularly wheo purchasing goods and/or a 
service not being authorized unrU the buyer has been successfully identified, and 
possibly authenticated. 

Identification and authcntieanori QI necessary) of the buyer may also be 
seen as identification and authentication (if applicable) of this buyer's electronic 
wallet. Several cases may arise, audi as for example; 

- a subscriber (and a corresponding subscriber identification module) is 
associated with a single dectronic wallet; 

- several subscribers (and therefore several corresponding subscriber 
identification modules) share the same electronic wallet {for sample me 
case of a company hottfinf the walletfc 

- the same subscriber (and (be corresponding subscriber identification 
module) is associated with several electronic wallets. 

Note that, due to the correlation between the wallet identifier and the 
subscriber identifier (the subscriber being the buyer), the identification of the 
buyer (as a subscriber) provides an implicit Identification of his electronic walleL 
Note that in the third case mentioned above, one of the subscriber's electronic 
wallets may for example be chosen by default or, as a variant, the buyer may be 
offered the possibility of making a choice from the several electronic wallets 
available to him. 

After identification* and possibly after authentication, ft* buyer may use the 
payment means contained within his electronic wallet 

Advantageously , the said electronic wallet also comprises a confidential 
payment code known to the said boyer Note mat this confidential payment code 
input by the buyer using the radiotelephone keypad, may be used during the 
calculation of the buyer's electronic signature, so that the buyer and possibly the 
buying decision, can be authenticated. 
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Preferably, the said electronic wallet is stored in one of the elements 
belonging to the group consisting of the said terminal, tbc said subscriber 
identification module, the said payment server, the sold management center and 
the said control center. 

In other words, various locations of die electronic wallet may be considered 
without going outside the framework of this invention. 

Tbc invention also relates to a system for secure remote payment of goods 
and/or a. service purchased by the buyer from a supplier, using a mobile 
radiotelephone used by a buyer. 

The invention also relate* to a •mobile radiotdephone used by a buyer for 
secure remote payment of goads and/or a Gertie* purchased by the buyer from a 
supplier. 

This system and this radiotelephone according to the invention comprise 
means of embodying the process mentioned above. 

Other characteristics and advantages of the invention will become obvious 
from reading the following description of different variant embodiments of the 
invention, given for information and for non-restrictive purposes, and the attached 
tfeswings io which: 

- figure 1 shows a diagrammatic overall view of a particular embodiment 
of a system according to the invention; 

- figure 2 shows a view of a particular embodiment of a mobile 
radiotelephone according to the invention, In the form of a btocX 
diagram; 

• figure 3 shows a view of a particular embodiment of a management 
center according to the invention, in the form of a block diagram; 

- figure 4 shows a view of a particular embodiment of a payment server 
according to the invention, in the form of a block diagram; 

- figure 5 contains an organization chart showing the steps of operations 
related to the purchase of goods and/or a service; 

- figure 6 contains a simplified flowchart showing a particular embodiment 
of the process according to the invention; and 

- figure 7 shows a view of a particular embodiment of an electronic waller 
accocdi ng to the invention* in the form of a block diagram. 

Therefore the invention relates to a process, and a corresponding system and 
mobile radiotelephone, that a buyer can use to make remote payments for the 
purchase of goods and/or a service, using a mobile radiotelephone. 
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Id the particular embodiment shown in figure U the system comprises a 
mobile radiotelepbooe I enabling access to a radio communications network 5 
(for example a GSM network) managed by a management center 6. through a 
radio relay Link 3. A payment server 4 and a sales server 8 are also connected to 
(be radio communications network 5. 

In (be example presented, Ihe payment server 4 and the sales server 8 are 
connected to an open computer tdecommunkations network, for example Ihe 
Internet network 9. The radio communications network 5 is interconnected to this 
Internet network 9. through a gateway 10 (for example a UP access platform 
marketed by the Uowired Planet Company). Jn (his case the mobile 
radiotelephone U provided with a navigator (for example a "UP browser" 
(registered trademark) navigator marketed by the Un wired Planet Company) 
which enables it to navigate through the gateway within the Internet network and 
particularly to access the payment server 4 and the sales server S. 

The system enables a buyer 2 provided with a mobile radiotelephone I , and 
therefore in this case also assumed to be a subscriber registered with the radio 
commtttic&tiom network operator 5, to make a secure remote payment for goods 
and/or a service that be has purchased from a supplier 7 who has a remote sales 
server & 

In the particular embodiment presented in figure 2, the mobile 
radiotelephone 1 compares a terminal 20 that works la cooperation with a SIM 
card 23. However, it is obvious that thb invention is also applicable to a 
raifr telephone consisting of the terminal atone (in other words nor including trie 
subscriber identification module). 

In a manner known in itself, die terminal 20 may for example include a 
commvoicadon management module 21 and an irtforrnatloo processing module 
29, around which a keypad 24. a display screen 26» a Joudspeaker 27, a 
microphone 28 and radio tianamission-receftion means 29a (including an 
antenna) are interconnec t ed- 

It is obvious that the information is also more generally applicable to any 
type of mobile radiotelephone, Thus, the 'conventional 11 terminal as described 
above may be replaced by any type of radio communicatiOfls module thai can be 
connected to a radio communications network, for example like a terminal 
without a keypad or a screen* or a microcomputer working together with a 
terminal through a PCMCIA ("Personal Computer Memory Card International 
Association*) or equivalent type of card. 
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Tbc process according to fee invention comprises fee following steps* as 
shown in fee flowchart In figure 6: 

- (optional ly) unlock (61 ) (or initialize) fee mobile radiotelephone I ; 

* the management center 6 and/or die payment server 4 and/or an 
independent control center (not shown) identifies (62) the buyer as a user 
of the radio communications network; 

- (optionally) the management center 6 and/or the payment server 4 and/or 
the control center (not shown) authenticates (63> the buyer, and possibly 
a purchase decision made by the buyer to purchase goods and/or a 
service. 

The (optional) step 61 in wnkh the radiotelephone 1 is unlocked fc& known 
La itself, and may for example take place aa follows: the buyer 2 inputs a personal 
identity number (or PIN code according to GSM terminology) on the keypad 4, 
then the radiotelephone I compares fee personal identity number input by the 
buyer with the personal identity number stored in protected areas in fee mo bile 
radiotelephone 1 (typically in the SIM card 23), The radiotelephone I Is not 
"unlocked** (in other words made operational in the radio communications 
network) unless the comparison is positive, 

The step 62 In which the buyer 2 is identified according to this invention* 
consists of identifying and authenticating the subscriber, who is the buyer when ha 
pies the radiotelephone. Therefore, for example this step 62 Includes the 
following conventional steps: 

- subscriber identification (62a), by which the management center 6 
receives a subscriber identifier specific to the buyer as a user of the radio 
cornmumcations network. The subscriber identifier 23a, or IMS! 
according to fee GSM terminology, is typically stored in the SIM card 
B; 

- subscriber authentication (62b), allowing the management center to 
check fee subscriber identifier sent to it in subscriber identification step 
62a. 

Note that the buyer identification step (consisting of a subscriber 
Identification and authentication) is carried out automatically, io other words It 
requires no action by the buyer. The buyer only takes part in the nert step of 
buyer authentication, when he is asked to input his confidential payment code. 

It is also important to note thai fee subscriber authentication step 62b must 
In oo case be confused wife fee buyer authentication step 63 presented in detail 
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below* AutbenticatioA of the subscriber (who is the buyer) only takes place for 
(he purpose of buyer identification. It ctn be understood that Ibis buyer 
identification then needs to be used together with buyer authentication, so (bat (be 
payment server verifies (bat the Identified buyer is authorized to make purchase*. 

As an example only, refer Co figare 5 which shows the "conventiooaT 
procedure used in GSM for these subscriber Men titration 62a and authentication 
62b steps. The radiotelephone I scuds (ha user** subscriber identifier (IMS!) 50 to 
the management center 6. After the subscribe? has thus been identified (62a), the 
management center 6 must check hi* identity, in other words must aiirfwtl c aie 
him (62b). This is done by the management center 6 supplying a random number 
("RANCH 5U to the radiotelephone I. Starting from this random number, and 
using an algorithm ("A3/A8") 23b and an individual authentication key fKT) 23c 
contained in protected areas of (he mobile radiotelephone (typically (he SIM card 
23). the radfaCeleubone I calculates a subscriber* electronic signature ("SRES"). 
This subscriber's electronic signature 51b is sent to the management center 6 (and 
more precisely to a subscriber management module 30} which checks it by 
comparing it with the signature that it calculated locally. If the two subscriber's 
electronic signatures are identical, the subscriber authentication (and for the 
purposes of the invention* the buyer identification) is successful (the person 
holding the mobile radiotelephone I is on the subscribers list) and the 
management center sends messages 51c and 52 to confirm this to the 
radiotelephone 1 and to an identification module 40 located in die payment server. 
Furthermore, the OSM technology enables independent authentication of the 
oommunicatlon set up as a function of the network topology (when setting up* 
during a handover, etc.). 

In summary t after execution of the buyer identification step 62. the manager 
4a of the payment server 4 is assured that the person 2 holding the mobile 
radiotelephone I On other words the buyer in this case) is correctly registered on 
the subscribers List, and therefore that he is a bona fide member of the radio 
communications network to which the payment server 4 is connected. 

The buyer identification step 62 may be followed by a buyer autherracadon 
step63. In this step, the manager 4a of the payment serrer 4 assures iisetf that the 
buyer 2 in possession of the mobile radiotelephone I at the dme of the payment is 
authorized to pay for the purchased goods and/or services. If so, the payment 
server manager can then authorize payment or make compensation movement! 
between the buyer's account 2 and the supplier's account 7. Thia buyer 
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authentication step 63 may be used before or after the buyer has made die 
purchase decision. 

In one particular embodiment, the buyer authentication step 63 comprises 
the following seeps: 

- (optionally! the buyer 2 uses the keypad 24 on the mobile radiotelephone 
I to input a confidential payment code. For example, this Input step may 
be carried out using an input algorithm stored in the mobile 
radiotelephone (in the SIM card 23 or in (he terminal 20), or according to 
one variant, using oae or several downloaded pages in the HDML or 
equivalent format, and provided for this purpose; 

- the mobile radiotelephone ge n erates a buyer's electronic signature: 

* with en algorithm 23d and a payment security key 23e contained in 
the protected areas 23 of the mobile radiotelephone {either in the 
lenninat 20 or in the SIM card 23): 

* starting from data about the transaction (audi as the contents and/Or 
the price) andfor data about the buyer (such as the confident a] 
payment code, if the buyer had input the payment code). Furthermore* 
data about the transaction may include element* supplying variability 
on the signature (Tor example such as the time date of the transaction, 
a random number, a transaction aorta! number, etc); 

* rise mobile radiotelephone I transmits the buyer's electronic signature to 
the payment server 4; 

* the buyer's electronic signature Is checked in a check module 42 included 
In due payment server 4. The buyer's electronic signature is kept 
available to the buyer 2 and the supplier 7. This check may also be 
carried out by the subscriber management center 6 or by the control 
center (not shown). In the former case, the subscriber management 
center 6 comprises an authentication module 33 for radiotelephone 
holders subscribing to the remote payment service. 

The procedure adopted in this particular embodiment (given as an example) 
of the buyer authentication step then continues (refer to (he lower part of figure 5). 
The buyer 2 sends a purchase request S3 to the sales server 3 of the supplier 7. Ia 
return, he receives data about the price of the goods and/or service 54. The buyer 
then makes a purchase decision 53. At the same lime t the calculation means 
(typically a microprocessor) in the mobile radiotelephone calculate a buyer's 
electronic signature. The mobile radiotelephone 1 uses transinission means 29a to 
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seed die buyer's purchase decision ami his electronic signature firstly to the server 
8 of me supplier 7 (arrow marked 55) and secondly to (be payment server 4 {arrow 
ma/ted 56). The payment server 4 Inctode* a check nodule (or certification 
module) 42 to check (or certify) (he buyer's electrode signature, ThU check 
module 42 checks the signature, for example by carrying oat calculations with 
operatic** exactly the same as those carried out io the mofaUe radlotdephone at 
the time of the purchase. If the payment server 4 accepts the transaction, a 
"transaction accepted" message 57 is sent to the supplier's server S through a 
reception Acknowledgment module 43 on die payment server 4, The supplier's 
server 8 sends a "purchase confirmation" message 58 to the buyer (id the buyer** 
mobile radiotelephone and/or the buyer's home). The buyer's electronic 
signamres are stored by a storage module 44 on the payment server 4 and are kept 
available to me buyer and (be supplier. 

It tt obvious (bat if the subscriber management center 6 or (he control center 
{not shown) checks (or certifies) the buyer'* electronic signature, then the 
subscriber management center or the control center will include checking, 
acknowledgment and storage type modules like 42, 43 and 44 described above for 
the payment server 4 

According to another variant that is easier to implement, the buyer 
authentication step 63, and possibly the purchase decision Itself* includes the 
following steps: 

- the buyer to putt a confidential payment code into the mobile 
radiotelephone l using the keypad 24 associated with the mobile 
radiotelephone. This input step may for example be carried out using an 
input algorithm stored in the mobile radiotelephone On the SIM card 23 
or in (he terminal 20) or according to one variant* using one or several 
downloaded pages in the HOML format or equivalent format provided 
fortius purpose: 

- the mobile radiotelephone make* a secure transmission of the 
confidential payment code to the payment server 4; 

- the payment server 4 checks the cocflrjdeetial payment code (for e wmpie 
by verifying that ebb confidential payment code actually belongs to a 
predetermined list of valid payment codes). 

Regardless of what embodiment is chosen* after the buyer authentication 
step $3, the manager 4a of the payment server 4 U assured thai the buyer 2 in 
possession of (be mobile radiotelephone 1 at the time of die payment is authorized 
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10 pay for the purchased goods and/or services. The buyer's electronic signature 
is sufficient to arbitrate any disputes that may arise betweeo (be buyer 2 ancVor the 
supplier 7 and/or the manager 4a of the payment server 4 

According to this invention* the mdioteiepbooe I, for example in the 
communications management module 21, comprises various means necessary for 
implementing the various steps in the process a* described above (through several 
implementations and variants). In particular, the radiotelephone comprises means 
22 necessary for unlocking the radloteleptkOtte, means 34 necessary for identifying 
the buyer, and means 25 necessary for authenticating use buyer* 

The conunnnicatioa management means and/or information processing 
means 29 of the mobile radiotelephone 1 may also comprise means 291 of 
encrypting data about payment for the purchase of goods and/or services 
exchanged between the mobile radio telephone 1 andVor (he management cancer 6 
and/or the payment server 4 and/or the control cater, in a manner known In itself. 
These encryption means assure confidentiality of the purchase. 

Information processing mean* 29 of the mobite radiotelephone 1 may also 
comprise means 292 of controlling the integrity of data related to payment for the 
purchase of goods andVor services, exchanged between the mobile radiotelephone 
] andVor the rranagemenl center 6 and/or the payment server 4 and/or the control 
censer, La a manner known in itself. Thus* a defrauder is unable to modify these 
data* 

Furthermore,, according to Una invention, each buyer may be associated with 
an electronic wallet 70. A Shown in figure 7, this wallet 70 may for example 
comprises 

- a wallet identifier 7] associated with a subscriber identifier ffor example 
the subscriber's "I MSP) specific to the buyer (as a user of the radio 
communications network); 

• a confidential payment code 72, known only to the buyer 2; 

- payment means 73. particularly but not exclusively an electronic wallet 
73a (usually for amounts less than a predetermined threshold), a credit 
card holder 73b (usually for amount* greater than the above mentioned 
predetermined threshold), or any other payment means 73c available to 
the buyer provided by bank organizations. 

- i nf ormation 74 about the buyer andVor his accounts). 



Use of payment means 73 is only aorborfeed, particularly when purchasing 
goods and Am- a service, after successful identification and possibly authentication 
of the buyer 2. 

This electronic wallet may be stored In various Locations, namely In the 
terminal 20* in the SIM card 23, in the payment server 4+ in the management 
center 6 or in the control center (not shown). 
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The invention relates to a process for making a secure remote payment for 
goods aad/or a service purchased by the buyer (2) from a supplier (7) asing a 
mobile rtdfotetepnooe (1) used by (he buyer The mobile radiotelephone provider 
access to a radio communication* network (5) managed (hroogh a management 
center (6). A payment server (4) is connected to the cadio communications 
netwerk (5). The process according to this indention comprises a step in which 
the said management center (6) and/or dm said payment server (4) and/or a control 
center identifies the said buyer (2), identification of the buyer consisting of 
ensuring that the buyer ii a bona fide subscriber registered on a list of subscribers 
to the said radio ccrnmnai cations network <5X The process may also include a 
step to authenticate toe saidbayer(2). 
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